System and method for securing online chat conversations

ABSTRACT

A system, method and program product for securing online chat conversations. The disclosed method includes the steps of capturing a chat conversation into an image file; adding a watermark to the image file; extracting the watermark from the watermarked image file; and validating the watermark.

CROSS REFERENCE TO RELATED APPLICATIONS

The current application is a continuation application of U.S. patentapplication Ser. No. 11/041,321, filed on Jan. 2, 2005, now U.S. Pat.No. 7,496,635 which is hereby incorporated by reference.

BACKGROUND OF THE INVENTION

1. Technical Field

The present invention relates generally to validating electronic data,and more specifically relates to a system and method for capturing,securing, and validating online chat conversations.

2. Related Art

Currently, online chat programs, such as AOL INSTANT MESSENGER™ (“AIM”)and IBM's SAMETIME™ allow for real-time communication. Until thepopularity of such chat programs became integrated into the workplace,email was often the common choice of business communications, allowing asender to not only express specific details/solutions/ideas related tothe business but also served as a repository of information. With chatprograms, communication is often quick and swift, allowing for remotedirection of instructions, discussions, and other pertinentconversations related to business processes.

Most users now use a combination of both email and chat programs astools to provide the necessary communications within the businessenvironment. However, the communication that takes place within thecontext of a chat program is not secure and there is no adequate tool toprovide a secure mechanism for validating a past conversation, set ofinstructions, and so forth, similar to email encryption programs, suchas LOTUS NOTES™.

Users that rely upon chat programs to log specific business activity,similar to that performed today with encrypted/archived “Sent” emails,cannot rely on a simple copy/paste operation from the chat program inorder to record a conversation. The contents of the conversation caneasily be manipulated and in no way can offer any protection. Inaddition, this issue can be further exacerbated by individuals who usechat programs to casually converse with other employees at work, inwhich conversations can be changed or used out of context, leading intodifficult situations (e.g., sexual harassment, misdirection ofinstructions, etc.). As chat programs continue to become a mainstreamsource of business process and function, the need to develop a securemethod of capturing/validating online conversations is necessary.

SUMMARY OF THE INVENTION

The present invention addresses the above-mentioned problems, as well asothers, by providing a system, method and program product for allowingusers to securely export a conversation from a chat program and validatethe contents of the conversation. In a first aspect, the inventionprovides a system for securing online chat conversations, comprising: achat conversation capture system that captures a chat conversation intoan image file; and a watermarking system for adding a watermark to theimage file to produce a watermarked image file. In accordance with thisaspect, the invention further comprises a verification system thatincludes: a watermark extraction system for extracting the watermarkfrom the watermarked image file; and a validation system for validatingthe watermark.

In a second aspect, the invention provides a method for securing onlinechat conversations, comprising: capturing a chat conversation into animage file; adding a watermark to the image file; extracting thewatermark from the watermarked image file; and validating the watermark.

In a third aspect, the invention provides a program product stored on acomputer readable medium for securing online textual communications,comprising: program code configured for capturing online textualcommunications into an image file; and program code configured foradding a watermark to the image file to produce a watermarked imagefile.

In a fourth aspect, the invention provides a method for deploying anapplication for securing online chat conversations, comprising:providing a computer infrastructure being operable to: capture a chatconversation into an image file; and add a watermark to the image file.

In a fifth aspect, the invention provides computer software embodied ina propagated signal for securing online chat conversations, the computersoftware comprising instructions to cause a computer to perform thefollowing functions: capture a chat conversation into an image file; andadd a watermark to the image file.

BRIEF DESCRIPTION OF THE DRAWINGS

These and other features of this invention will be more readilyunderstood from the following detailed description of the variousaspects of the invention taken in conjunction with the accompanyingdrawings in which:

FIG. 1 depicts a system diagram showing the process of securing andvalidating a chat conversation in accordance with the present invention.

FIG. 2 depicts a computer system having a chat security and validationsystem in accordance with the present invention.

DETAILED DESCRIPTION OF THE INVENTION

Referring now to the drawings, FIG. 1 depicts: (1) an online chatprogram 10 that includes a secure export system 11 for securelyexporting chat conversations; and (2) a verification system 30 forverifying exported chat conversations. As noted above, online chatprograms, such as AIM and SAMETIME, allow multiple users on a network,such as the Internet, to textually communicate in (near) real time. In atypical scenario, two or more users on a network engage in a chatsession by typing and viewing text within a user interface provided bythe online chat program 10. The operation of online chat programs 10 arewell known in the art, and are therefore not described in furtherdetail. Note however that while the invention is described withreference to securing and verifying online chat, the invention could beapplied to any online communication where there exists a need tocapture, secure and verify electronic text data. Illustrativeapplications may include online bulletin boards, online publications,email transmissions, Web page data, text messaging, etc.

Secure export system 11 includes a chat conversation capture system 12,which captures the chat conversation from the online chat program 10 toa JPEG image 14. A watermarking system 16 then adds a watermark to theJPEG image 14 to generate a watermarked JPEG image 20. The watermark maycomprise any type of watermark, e.g., an invisible fragile watermark,created and embedded using any known algorithm 18.

In general, watermark technology relies on the fact that the human eyeis more sensitive to noise in the lower frequency components of an imagethan in the higher ones. For example, using a JPEG compression, afterthe DCT (Discrete Cosine Transform) and the quantization steps, thewatermark can be inserted into the higher frequency slots of the JPEG8×8 compression block which normally become zero after the quantizationstep. Methods to insert watermarks vary and include enforcing adifference between certain slots in the block, always modifying aspecific block, etc. It should be noted that while this embodiment isimplemented using a JPEG image 14, the invention could be implementedusing any other type of image file into which a watermark could beplaced, e.g., TIFF, GIF, PDF, etc.

Once the watermarked JPEG image 20 is created, it can be verified byverification system 30, which will ensure that the watermarked JPEGimage 20 has not been tampered with. Verification system 30 may beimplemented as a standalone process, as part of an online chat program10, as part of an image viewer, or as part of some other process.Included in verification system 22 is a watermark extraction system 22that extracts the watermark 24 from the watermarked JPEG image 20 usingthe same algorithm 18 that export system 11 used to embed the watermark.Once the watermark 24 is extracted, a validation system 26 may beutilized to examine and validate the watermark 24. Any now known orlater developed technique for validating the watermark may be utilized(e.g., checksum, etc.).

Referring now to FIG. 2, an illustrative embodiment of a computer system40 is shown for implementing the invention. Computer system 40 maycomprise, e.g., a desktop, a laptop, a workstation, handheld device,etc. Moreover, computer system 40 could be implemented as part of aclient and/or a server. Computer system 40 generally includes aprocessor 42, memory 46, bus 50, input/output interfaces (I/O) 44,external devices/resources such as storage (not shown), etc. Theprocessor 42 may comprise a single processing unit, or be distributedacross one or more processing units in one or more locations, e.g., on aclient and server. Memory 46 may comprise any known type of data storageand/or transmission media, including magnetic media, optical media,random access memory (RAM), read-only memory (ROM), a data cache, a dataobject, etc. Moreover, any memory 46 may reside at a single physicallocation, comprising one or more types of data storage, or bedistributed across a plurality of physical systems in various forms.

I/O 44 may comprise any system for exchanging information to/from anexternal resource. External devices/resources (not shown) may compriseany known type of external device, including speakers, a CRT, LEDscreen, hand-held device, keyboard, mouse, voice recognition system,speech output system, printer, monitor/display, facsimile, pager, etc.Bus 50 may be included to provide a communication link between each ofthe components in the computer system 40 and likewise may comprise anyknown type of transmission link, including electrical, optical,wireless, etc. Although not shown, additional components, such as cachememory, communication systems, system software, etc., may beincorporated into computer system 40.

Stored in memory 40 as a program product is: (1) online chat program 10that includes a secure export system 11, and (2) verification system 30.As described above, secure export system 11 includes a chat conversationexport system 12 and watermarking system 16 capable of generating awatermarked JPEG image of a chat conversation 48. Verification system 30includes a watermark extraction system 22 and validation system 24 forverifying the watermarked JPEG image 20.

It should be understood that verification system 30 may be implementedindependently of chat program 10, or be integrated into chat program 10.Moreover, although described as being integrated with chat program 10,secure export system 11 may likewise be implemented independently ofchat program 10. Accordingly, computer system 40 may be implemented ascontaining one or both of secure export system 11 and verificationsystem 20. Thus, a first computer system may be equipped with thecapability to generate a watermarked JPEG image 20 and a second computersystem may be equipped with the capability to verify the watermarkedJPEG image 20. Alternatively, a single computer system 40 may beequipped with both capabilities.

Either or both of the secure export system 11 and verification system 30can be made available as plug-ins. The plug-in for the verificationsystem 30 will contain the same algorithm 18 used by the online chatprogram 10 to embed the watermark 24. The watermark 24 will be extractedfrom the watermarked JPEG image 20 and validated. If the data isincorrect, the user will be notified that the watermarked JPEG image 20has been tampered with.

Online chat program 10 provides an online messaging client allows a chatconversation 48 to take place over a network 52. Such a network 52 canbe any type of network such as the Internet, a local area network (LAN),a wide area network (WAN), a virtual private network (VPN), a wirelessnetwork, etc. Communication could occur via a direct hardwiredconnection (e.g., serial port), or via an addressable connection thatmay utilize any combination of wireline and/or wireless transmissionmethods. Moreover, conventional network connectivity, such as TokenRing, Ethernet, WiFi or other conventional communications standardscould be used. Still yet, connectivity could be provided by conventionalTCP/IP sockets-based protocol. In this instance, an Internet serviceprovider could be used to establish interconnectivity. Further, asindicated above, communication could occur in a client-server orserver-server environment.

It should be appreciated that the teachings of the present inventioncould be offered as a business method on a subscription or fee basis.For example, a computer system 40 comprising a secure export system 11and/or verification system 30 could be created, maintained and/ordeployed by a service provider that offers the functions describedherein for customers. That is, a service provider could offer to secureand/or verify a chat conversation 48.

It is understood that the systems, functions, mechanisms, methods,engines and modules described herein can be implemented in hardware,software, or a combination of hardware and software. They may beimplemented by any type of computer system or other apparatus adaptedfor carrying out the methods described herein. A typical combination ofhardware and software could be a general-purpose computer system with acomputer program that, when loaded and executed, controls the computersystem such that it carries out the methods described herein.Alternatively, a specific use computer, containing specialized hardwarefor carrying out one or more of the functional tasks of the inventioncould be utilized. In a further embodiment, part of all of the inventioncould be implemented in a distributed manner, e.g., over a network suchas the Internet.

The present invention can also be embedded in a computer programproduct, which comprises all the features enabling the implementation ofthe methods and functions described herein, and which—when loaded in acomputer system—is able to carry out these methods and functions. Termssuch as computer program, software program, program, program product,software, etc., in the present context mean any expression, in anylanguage, code or notation, of a set of instructions intended to cause asystem having an information processing capability to perform aparticular function either directly or after either or both of thefollowing: (a) conversion to another language, code or notation; and/or(b) reproduction in a different material form.

The foregoing description of the invention has been presented forpurposes of illustration and description. It is not intended to beexhaustive or to limit the invention to the precise form disclosed, andobviously, many modifications and variations are possible. Suchmodifications and variations that may be apparent to a person skilled inthe art are intended to be included within the scope of this inventionas defined by the accompanying claims.

1. A system for securing online chat conversations, comprising: a chatconversation capture system that captures a chat conversation into animage file; a watermarking system for adding a watermark to the imagefile to produce a watermarked image file; and a verification systemcomprising: a watermark extraction system for extracting the watermarkfrom the watermarked image file; and a validation system for validatingthe watermark, wherein the validation system validates whether the imagefile has been altered.
 2. The system of claim 1, wherein thewatermarking system and watermark extraction system both utilize thesame algorithm to insert and extract the watermark.
 3. The system ofclaim 1, wherein the image file comprises a JPEG image.
 4. The system ofclaim 1, wherein the chat conversation capture system and watermarkingsystem are integrated into an online chat program.
 5. The system ofclaim 1, wherein the watermark extraction system and validation systemare integrated into an online chat program.
 6. A method for securingonline chat conversations, comprising: capturing a chat conversationinto an image file; adding a watermark to the image file; extracting thewatermark from the watermarked image file; and validating the watermark,wherein validating the watermark includes validating whether the imagefile has been altered.
 7. The method of claim 6, wherein the steps ofadding the watermark system and extracting the watermark both utilizethe same algorithm to insert and extract the watermark.
 8. The method ofclaim 6, wherein the image file comprises a JPEG image.
 9. The method ofclaim 6, wherein the capturing and adding steps are initiated fromwithin an online chat program.
 10. The method of claim 6, wherein theextracting and validating steps are integrated into an online chatprogram.
 11. A program product stored on a computer readable medium forsecuring online textual communications, comprising: program codeconfigured for capturing online textual communications into an imagefile; program code configured for adding a watermark to the image fileto product a watermarked image file; program code configured forextracting the watermark from the watermarked image file and programcode configured for validating the watermark, wherein validating thewatermark includes validating whether the image file has been altered.12. The program product of claim 11 wherein program code configured foradding the watermark and the program code configured for extracting thewatermark both utilize the same algorithm to insert and extract thewatermark.
 13. The program product of claim 11, wherein the image filecomprises a JPEG image.
 14. The program product of claim 11, wherein theonline textual communications comprise a chat conversation captured froman online chat program.
 15. The program product of claim 11, wherein theprogram product is integrated into an online chat program.
 16. A methodfor deploying an application for securing online chat conversations,comprising: providing a computer infrastructure being operable to:capture a chat conversation into an image file; add a watermark to theimage file; extract the watermark from the watermarked image file; andvalidate the watermark, wherein validating the watermark includesvalidating whether the image file has been altered.